2021-01-17 00:18:43 +00:00
|
|
|
rspamd_enabled: true
|
2023-06-10 03:20:10 +00:00
|
|
|
rspamd_chart_ref: "ghp/rspamd"
|
2021-01-25 18:04:57 +00:00
|
|
|
rspamd_short_name: "rspamd"
|
2021-01-09 17:54:42 +00:00
|
|
|
rspamd_default_values:
|
|
|
|
replicaCount: 1
|
|
|
|
persistence:
|
|
|
|
enabled: false
|
|
|
|
existingClaim: mailboxes
|
2021-01-17 00:18:43 +00:00
|
|
|
redis:
|
|
|
|
enabled: true
|
2022-12-24 21:46:42 +00:00
|
|
|
architecture: standalone
|
2021-01-09 17:54:42 +00:00
|
|
|
rspamd:
|
2021-01-17 00:18:43 +00:00
|
|
|
local.d:
|
|
|
|
redis.conf: |
|
|
|
|
servers = "rspamd-redis-master";
|
|
|
|
worker-proxy.inc: |
|
|
|
|
bind_socket = "0.0.0.0:11332";
|
|
|
|
worker-normal.inc: |
|
|
|
|
bind_socket = "0.0.0.0:11333";
|
|
|
|
worker-controller.inc: |
|
|
|
|
bind_socket = "0.0.0.0:11334";
|
|
|
|
worker-fuzzy.inc: |
|
|
|
|
bind_socket = "0.0.0.0:11335";
|
|
|
|
logging.inc: |
|
|
|
|
type = "console";
|
|
|
|
spf.conf: |
|
|
|
|
spf_cache_size = 1k; # cache up to 1000 of the most recent SPF records
|
|
|
|
spf_cache_expire = 1d; # default max expire for an element in this cache
|
|
|
|
max_dns_nesting = 10; # maximum number of recursive DNS subrequests
|
|
|
|
max_dns_requests = 30; # maximum count of DNS requests per record
|
|
|
|
min_cache_ttl = 5m; # minimum TTL enforced for all elements in SPF records
|
|
|
|
dkim_signing.conf: |
|
|
|
|
enabled = true;
|
|
|
|
# If `true` get pubkey from DNS record and check if it matches private key
|
|
|
|
check_pubkey = true;
|
|
|
|
# Set to `false` if you want to skip signing if public and private keys mismatch
|
|
|
|
allow_pubkey_mismatch = true;
|
|
|
|
# Domain specific settings
|
|
|
|
domain {
|
|
|
|
# Domain name is used as key
|
|
|
|
"{{ mail_domain | default(domain) }}" {
|
|
|
|
# Private key path
|
|
|
|
path = "/var/lib/rspamd/dkim/default.key";
|
|
|
|
# Selector
|
|
|
|
selector = "default";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
arc.conf: |
|
|
|
|
domain {
|
|
|
|
# Domain name is used as key
|
|
|
|
"{{ mail_domain | default(domain) }}" {
|
|
|
|
# Private key path
|
|
|
|
path = "/var/lib/rspamd/dkim/default.key";
|
|
|
|
# Selector
|
|
|
|
selector = "default";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
dmarc.conf: |
|
|
|
|
# Enables storing reporting information to redis
|
|
|
|
reporting = true;
|
|
|
|
# If Redis server is not configured below, settings from redis {} will be used
|
|
|
|
#servers = "127.0.0.1:6379"; # Servers to use for reads and writes (can be a list)
|
|
|
|
servers = "rspamd-redis-master";
|
|
|
|
# Alternatively set read_servers / write_servers to split reads and writes
|
|
|
|
# To set custom prefix for redis keys:
|
|
|
|
#key_prefix = "dmarc_";
|
|
|
|
# Actions to enforce based on DMARC disposition (empty by default)
|
|
|
|
actions = {
|
|
|
|
quarantine = "add_header";
|
|
|
|
reject = "reject";
|
|
|
|
}
|
|
|
|
# Ignore "pct" setting for some domains
|
|
|
|
# no_sampling_domains = "/etc/rspamd/dmarc_no_sampling.domains";
|
|
|
|
dkim-keys:
|
|
|
|
default: |
|
|
|
|
{{ dkim_private_key_base64 | b64decode }}
|